const express = require('express');
const router = express.Router();
const authController = require('../controllers/authController');
const authMiddleware = require("../middleware/authMiddleware");
const requirePermission = require("../middleware/roleMiddleware");

/**
 * @swagger
 * /api/auth/login:
 *   post:
 *     summary: 用户登录
 *     tags: [Auth]
 *     description: 用户使用用户名和密码登录，成功后返回 JWT token。
 *     requestBody:
 *       required: true
 *       content:
 *         application/json:
 *           schema:
 *             type: object
 *             required:
 *               - username
 *               - password
 *             properties:
 *               username:
 *                 type: string
 *                 description: 用户名
 *                 example: admin
 *               password:
 *                 type: string
 *                 description: 密码
 *                 example: "123456"
 *     responses:
 *       200:
 *         description: 登录成功，返回 token
 *         content:
 *           application/json:
 *             schema:
 *               type: object
 *               properties:
 *                 token:
 *                   type: string
 *                   description: JWT 令牌
 *       400:
 *         description: 用户不存在
 *       401:
 *         description: 密码错误
 */
router.post('/login', authController.login);

/**
 * @swagger
 * /api/auth/register:
 *   post:
 *     summary: 用户注册
 *     tags: [Auth]
 *     description: 用户注册账号，支持可选字段如身份证、银行信息、头像、劳务队等。
 *     requestBody:
 *       required: true
 *       content:
 *         application/json:
 *           schema:
 *             type: object
 *             required:
 *               - username
 *               - phone
 *               - password
 *             properties:
 *               username:
 *                 type: string
 *                 description: 用户名，唯一
 *                 example: "test_user"
 *               phone:
 *                 type: string
 *                 description: 手机号（11位数字）
 *                 example: "13800138000"
 *               password:
 *                 type: string
 *                 description: 登录密码（至少6位）
 *                 example: "123456"
 *               role:
 *                 type: integer
 *                 description: 用户角色（1=管理员，2=普通用户）
 *                 example: 2
 *               id_number:
 *                 type: string
 *                 description: 中国身份证号（18位）
 *                 example: "110101199003076871"
 *               bank_account:
 *                 type: string
 *                 description: 银行名称
 *                 example: "中国建设银行"
 *               bank_number:
 *                 type: string
 *                 description: 银行卡号
 *                 example: "6217001234567890123"
 *               avatar:
 *                 type: string
 *                 description: 用户头像URL
 *                 example: "https://example.com/avatar.jpg"
 *               laborTeam:
 *                 type: integer
 *                 description: 所属劳务队ID
 *                 example: 3
 *               status:
 *                 type: integer
 *                 description: 用户状态（1=正常，0=禁用，2=已删除）
 *                 example: 1
 *     responses:
 *       201:
 *         description: 注册成功
 *       400:
 *         description: 参数不合法
 *       409:
 *         description: 用户名或手机号已存在
 */
router.post('/register', authController.register);

router.get('/users',authController.getAllUsers);
router.put('/users/:id', authController.updateUser);
router.delete('/users/:id', authMiddleware, requirePermission(), authController.deleteUser);

module.exports = router;
